package com.fastloan.core.apiauth.service;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.fastloan.common.model.CheckResult;
import com.fastloan.core.apiauth.base.service.impl.ry.RYEncryptMode;
import com.fastloan.core.apiauth.base.service.impl.ry.model.RYRequestParam;
import com.fastloan.core.apiauth.base.util.AesUtil;
import com.fastloan.core.apiauth.base.util.EncryptTool;
import com.fastloan.core.apiauth.base.util.RsaUtil;
import com.fastloan.core.apiauth.dao.AgentSecretMapper;
import com.fastloan.core.apiauth.model.AgentSecret;
import com.fastloan.mgt.processcontrol.base.util.BeanFactoryUtil;
import com.fastloan.utils.PropertiesUtil;
import com.kawins.result.ResultTo;

/**
 * 加解密工具
 *
 * @author yanwe
 * createTime 2018-01-2018/1/4 17:13
 */
public class EncryptUtil {

    public static final String AGENT_ID = "agent_id";

    /**
     * 验证并解密请求
     *
     * @param ryRequestParam 请求参数
     * @return 结果
     */
    public static CheckResult ryVerifyAndDecrypt(RYRequestParam ryRequestParam){
        RYEncryptMode encryptBean = new RYEncryptMode();
        encryptBean.setEncryptAesKey(ryRequestParam.getSc());
        encryptBean.setAesIv(ryRequestParam.getIv());
        encryptBean.setRsaPriKey(PropertiesUtil.getProperty("rsa.privateKey"));
        String decodeBean = encryptBean.decodeBean(ryRequestParam.getData());
        if (decodeBean == null){
            return CheckResult.fail("解密失败！",2000);
        }
        JSONObject jsonObject = JSON.parseObject(decodeBean);
        String sign = jsonObject.getString("sign");
        jsonObject.remove("sign");
        AgentSecret agentSecret = getAgentSecret(jsonObject.getString(AGENT_ID));
        if (agentSecret == null){
            return CheckResult.fail("商户号不合法！",2002);
        }
        String mySign = encryptBean.signBean(jsonObject,agentSecret.getAgentSecret());
        if (!mySign.equals(sign)){
            return CheckResult.fail("签名验证失败！",2001);
        }
        return CheckResult.success(jsonObject.toJSONString());
    }

    /**
     * 加密返回值
     *
     * @param ryRequestParam 请求参数
     * @param agentNo 客户编号
     * @param resultTo 返回值
     * @return
     */
    public static String ryEncrypt(RYRequestParam ryRequestParam, String agentNo, ResultTo resultTo){
        AgentSecret agentSecret = getAgentSecret(agentNo);
        String iv = ryRequestParam.getIv();
        String sc = ryRequestParam.getSc();
        String rand = EncryptTool.generateRandom32();
        RYEncryptMode encryptBean = new RYEncryptMode();
        String sign = encryptBean.generateSign(agentSecret.getAgentSecret(),rand);
        String realSc = RsaUtil.decryptByRsaPri(sc, PropertiesUtil.getProperty("rsa.privateKey"));
        resultTo.put("rand",rand);
        resultTo.put("sign",sign);
        return AesUtil.encryptByCBC(JSON.toJSONString(resultTo),realSc,iv);
    }

    /**
     * 回调时加密请求
     *
     * @param object 参数
     * @param agentNo 客户编号
     * @return 加密数据
     */
    public static RYRequestParam ryEncryptBean(Object object,String agentNo){
        String agentSecret = getAgentSecret(agentNo).getAgentSecret();
        RYEncryptMode ryEncryptMode = new RYEncryptMode();
        ryEncryptMode.setRsaPriKey(PropertiesUtil.getProperty("rsa.privateKey"));
        String data = ryEncryptMode.encryptBeanByRsaPri(object, agentSecret);
        RYRequestParam ryRequestParam = new RYRequestParam();
        ryRequestParam.setSc(ryEncryptMode.getEncryptAesKey());
        ryRequestParam.setIv(ryEncryptMode.getAesIv());
        ryRequestParam.setData(data);
        return ryRequestParam;
    }

    private static AgentSecret getAgentSecret(String agentNo) {
        AgentSecretMapper agentSecretMapper = BeanFactoryUtil.getBean(AgentSecretMapper.class);
        return agentSecretMapper.selectByPrimaryKey(agentNo);
    }
}
